<?php

/*----------------------------------------------+
|  MaxForum					|
|  ===========================================	|
|  By Majd Almontaser				|
|  Released under the License GNU v3.0		|
|  http://www.Max4Dev.com			|
|  ===========================================	|
|  Ttmtt Team - http://www.liioiil.com		|
+-----------------------------------------------*/

# Entry guard: MAX_ON is presumably defined by the script that includes this page.
# When it is missing the file was requested on its own, so print the denial
# message and end the request before any admin code runs.
if (!defined('MAX_ON'))
{
	exit("<h1>ACCESS DENIED</h1>You cannot access this file directly.");
}
	
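# Authorisation: both the forum-settings and the site-settings permission must equal 1.
# A user missing either one is sent back to the admin index.
if ($can_change_forum_settings != 1 || $can_change_site_settings != 1)
{
	max_redirect('index.php?page=admin', 'admin');

	# max_redirect() is defined outside this file. The rest of the page is written as
	# if it never returns, so end the request explicitly: the permission check then
	# fails closed even if the helper only queues the redirect.
	exit();
}

error_reporting(E_ALL ^ E_NOTICE);

# Get gallery settings (the first row of the settings table is used)
$query	= mysql_query('SELECT * FROM ' . $db_prefix . 'gallery_settings');
$row	= mysql_fetch_assoc($query);

	$gallery['settings'] = $row;

# Create the gallery object to deal with the main stuff.
require	'includes/pages/gallery/classes/core.php';
$Gallery = new Gallery($gallery);

$Gallery->template('pages/admin/gallery.template.php', false);

# Load lang
# NOTE(review): $board_lang is set outside this file and is concatenated straight into
# an include path. It must come from trusted configuration, never from the request -
# confirm where it is assigned. Both includes are silenced with @, so a missing
# language file goes unnoticed.
@include 'language/' . $board_lang . '';
@include 'language/' . $board_lang . '.php';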

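# Admin gallery dispatcher: the "sub" query parameter selects the action, and anything
# unknown falls through to the settings / album list view.
#
# All SQL here is built by string concatenation on the legacy mysql_* API, so every
# request value is either cast to int (values placed unquoted into a statement) or
# escaped (values placed inside quotes) before it reaches a query.
#
# NOTE(review): no action in this file checks an anti-CSRF token, and delete_album /
# delete_image change state on a plain GET - confirm whether the including script
# enforces a token. The mysql_* extension was removed in PHP 7.0; prepared statements
# (PDO / mysqli) are the durable fix but need the connection code, which is not here.
switch (isset($_GET['sub']) ? $_GET['sub'] : '')
{
	case 'add_album':

		if ($_SERVER['REQUEST_METHOD'] == 'POST')
		{
			#---------------------------
			# Verify our inputs
			#---------------------------

				list($title, $desc) = $Gallery->escape_string($_POST['title'], $_POST['description']);

			#---------------------------
			# Upload image
			#---------------------------

				# Load image handling class
				require $max_root . 'includes/pages/gallery/classes/image.php';
				$Image = new Image($_FILES['image'], $gallery['settings'], true);

				# The validation rules live in classes/image.php (not visible here). Stop
				# explicitly after the redirect so a rejected file is never stored, whether
				# or not max_redirect() ends the request itself.
				if (!$Image->check(true))
				{
					max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
					exit();
				}

				# Upload the image, create thumbnail, etc
				$location = $Image->upload('uploads/gallery/albums/', $my_id);

				if ($location == false)
				{
					max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
					exit();
				}

			#---------------------------
			# Update DB
			#---------------------------

				# Add image. $location is returned by Image::upload() and is presumably derived
				# from the uploaded file name, so escape it like any other quoted value.
				$inserted = mysql_query('INSERT INTO ' . $db_prefix . 'gallery_albums_images (image) VALUES ("' . mysql_real_escape_string($location) . '")');

				if (!$inserted)
				{
					max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
					exit();
				}

				# Take the id generated by the INSERT above on this connection. Selecting the
				# highest id instead could return a row added by a concurrent request.
				$image_id = (int) mysql_insert_id();

				# Add album
				mysql_query('INSERT INTO ' . $db_prefix . 'gallery_albums (name, description, image) VALUES ("' . $title . '", "' . $desc . '", ' . $image_id . ')');

			#---------------------------
			# And redirect...
			#---------------------------

				max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
		}
		else
		{
			$Gallery->hook('start', 4, 'end');
		}

		break;

	case 'edit_album':

		if ($_SERVER['REQUEST_METHOD'] == 'POST')
		{
			#---------------------------
			# Verify our inputs
			#---------------------------

				# The id goes unquoted into the WHERE clause, where string escaping gives no
				# protection, so force it to an integer (as edit_image / delete_image do).
				$id = (int) $_POST['id'];

				list($title, $desc) = $Gallery->escape_string($_POST['title'], $_POST['description']);

			# Replace the album image only when a file actually arrived without an upload error.
			if (isset($_FILES['image']) && $_FILES['image']['error'] === UPLOAD_ERR_OK)
			{
				#---------------------------
				# Upload image
				#---------------------------

					# Load image handling class
					require $max_root . 'includes/pages/gallery/classes/image.php';
					$Image = new Image($_FILES['image'], $gallery['settings'], true);

					if (!$Image->check(true))
					{
						max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
						exit();
					}

					# Upload the image, create thumbnail, etc
					$location = $Image->upload('uploads/gallery/albums/', $my_id);

					if ($location == false)
					{
						max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
						exit();
					}

				#---------------------------
				# Update DB
				#---------------------------

					# Add image (escaped: see add_album)
					$inserted = mysql_query('INSERT INTO ' . $db_prefix . 'gallery_albums_images (image) VALUES ("' . mysql_real_escape_string($location) . '")');

					if (!$inserted)
					{
						max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
						exit();
					}

					# Id of the row inserted above on this connection
					$image_id = (int) mysql_insert_id();

					# NOTE(review): the previous image row and its files are left in place when
					# an album image is replaced - confirm whether that is intended.
					mysql_query('UPDATE ' . $db_prefix . 'gallery_albums SET name = "' . $title . '", description = "' . $desc . '", image = ' . $image_id . ' WHERE id = ' . $id . ' LIMIT 1');
			}
			else
			{
				mysql_query('UPDATE ' . $db_prefix . 'gallery_albums SET name = "' . $title . '", description = "' . $desc . '" WHERE id = ' . $id . ' LIMIT 1');
			}

			#---------------------------
			# And redirect...
			#---------------------------

				max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
		}
		else
		{
			# Unquoted in the query below, so it has to be an integer.
			$id = (int) $_GET['id'];

			#----------------------
			# Get album info
			#----------------------

				$query	= mysql_query('SELECT a.*, ai.image FROM ' . $db_prefix . 'gallery_albums a LEFT JOIN ' . $db_prefix . 'gallery_albums_images ai ON a.image = ai.id WHERE a.id = ' . $id . ' LIMIT 1');
				$info	= mysql_fetch_assoc($query);

				# No row means the album does not exist; there is nothing to edit.
				if (empty($info))
				{
					max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
					exit();
				}

					# The form shows the thumbnail, stored next to the image with a t_ prefix.
					$info['image'] = '/uploads/gallery/albums/t_' . $info['image'];
					$info = array_map('strip_slashes', $info);

			$Gallery->hook('start', 5, 'end');
		}

		break;

	case 'delete_album':

		# Unquoted in the statements below, so it has to be an integer.
		$id		= (int) $_GET['id'];
		$query	= mysql_query('
					SELECT a.image as id, i.image

					FROM ' . $db_prefix . 'gallery_albums a

						LEFT JOIN ' . $db_prefix . 'gallery_albums_images i
						ON a.image = i.id

					WHERE a.id = ' . $id . '
				');
		$row	= mysql_fetch_assoc($query);

		# No row means the album does not exist: nothing to delete.
		if (empty($row))
		{
			max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
			exit();
		}

		mysql_query('DELETE FROM ' . $db_prefix . 'gallery_albums WHERE id = ' . $id . ' LIMIT 1');
		mysql_query('DELETE FROM ' . $db_prefix . 'gallery_albums_images WHERE id = ' . (int) $row['id'] . ' LIMIT 1');

		#--------------------------
		# Remove the image
		#--------------------------

			# The LEFT JOIN yields NULL when the album has no image row; skip the file
			# removal then instead of calling unlink() on the directory itself.
			# NOTE(review): the stored name is used as-is. If Image::upload() can ever store
			# a value containing directory separators, confine this path to the uploads
			# directory - verify against classes/image.php.
			if (isset($row['image']) && $row['image'] !== '')
			{
				unlink('uploads/gallery/albums/' . $row['image']);

				# The edit form reads a t_ thumbnail beside the image; remove it as well.
				# It might not exist, so suppress any errors.
				@unlink('uploads/gallery/albums/t_' . $row['image']);
			}

		#---------------------------
		# And redirect...
		#---------------------------

			max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');

		break;

	case 'edit_image':

		if ($_SERVER['REQUEST_METHOD'] == 'POST')
		{
			#----------------------------------
			# Collect and sanitise data
			#----------------------------------

				# Numeric columns are cast, quoted strings are escaped.
				$id		= (int) $_POST['id'];
				$title	= escape_string($_POST['title']);
				$desc	= escape_string($_POST['description']);
				$album	= (int) $_POST['album'];

			#----------------------------------
			# Update the database
			#----------------------------------

				mysql_query('UPDATE ' . $db_prefix . 'gallery_images SET title = "' . $title . '", description = "' . $desc . '", album = ' . $album . ' WHERE id = ' . $id . ' LIMIT 1');

			#----------------------------------
			# And redirect
			#----------------------------------

				max_redirect('index.php?page=gallery&act=view-image&id=' . $id, 'gallery/view-image/' . $id);
		}
		else
		{
			$id = (int) $_GET['id'];

			#--------------------------------
			# Get image information
			#--------------------------------

				$query = mysql_query('SELECT title, description, album, user FROM ' . $db_prefix . 'gallery_images WHERE id = ' . $id . ' LIMIT 1');

				$row = mysql_fetch_assoc($query);

				# No data means image doesn't exist
				if (empty($row))
				{
					max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
					exit();
				}

					$row				= array_map('strip_slashes', $row);

					# Drop the <br /> markup from the stored description before it goes into the form
					$row['description']	= str_replace('<br />', '', $row['description']);

			$url		= 'admin&act=gallery&sub=edit_image&id=' . $id;
			$url_seo	= 'admin/gallery/edit_image/' . $id;

			# Starting hooks
			$Gallery->template('pages/gallery/my-images-edit.template.php')->hook('start', 1);

			#--------------------------------
			# Get albums
			#--------------------------------

				$query = mysql_query('SELECT id, name FROM ' . $db_prefix . 'gallery_albums');

				# One hook call per album row; the hook presumably reads $albums - confirm in the template
				while ($albums = mysql_fetch_assoc($query))
				{
					$albums['name'] = strip_slashes($albums['name']);
					$Gallery->hook(2);
				}

			$Gallery->hook(3, 'end');
		}

		break;

	case 'delete_image':

		$id = (int) $_GET['id'];

		#----------------------------------------------------
		# Get the location of the image so we can
		# delete it from the server
		#----------------------------------------------------

			$query = mysql_query('SELECT image FROM ' . $db_prefix . 'gallery_images WHERE id = ' . $id . ' LIMIT 1');

			$row = mysql_fetch_assoc($query);

				# No data means image doesn't exist. End the request here so the unlink()
				# calls below never run with an empty file name.
				if (empty($row))
				{
					max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
					exit();
				}

			#---------------------------
			# Get rid of them
			#---------------------------

				$dir = 'uploads/gallery/images/';

				# NOTE(review): the stored name is used as-is; see the note in delete_album.
				unlink($dir . $row['image']);
				unlink($dir . 't_' . $row['image']);

				# Reflection might not exist, so suppress any errors
				@unlink($dir . 'r_' . $row['image']);

		#-------------------------------------------------------
		# Now delete the record from the database
		#-------------------------------------------------------

			mysql_query('DELETE FROM ' . $db_prefix . 'gallery_images WHERE id = ' . $id . ' LIMIT 1');

			# Remove ratings. No LIMIT here: an image can have more than one rating row, and
			# LIMIT 1 would leave the others behind as orphans.
			mysql_query('DELETE FROM ' . $db_prefix . 'gallery_images_ratings WHERE image = ' . $id);

		max_redirect('index.php?page=gallery', 'gallery');

		break;

	default:

		# If settings have been updated..
		if ($_SERVER['REQUEST_METHOD'] == 'POST')
		{
			#------------------------
			# Sanitise inputs
			#------------------------

				$t_max_height		= (int) $_POST['t_max_height'];
				$t_max_width		= (int) $_POST['t_max_width'];
				$image_size			= (int) $_POST['image_size'];

				# NOTE(review): this list presumably decides which uploads Image::check() accepts.
				# Confirm that executable extensions cannot be enabled through it.
				$image_exts			= escape_string($_POST['image_exts']);
				$image_reflections	= ((int) $_POST['image_reflections'] == 1) ? 1 : 0;
				$image_perpage		= (int) $_POST['image_perpage'];

			#-----------------------------
			# Update the database
			#-----------------------------

				mysql_query('UPDATE ' . $db_prefix . 'gallery_settings SET t_max_height = ' . $t_max_height . ', t_max_width = ' . $t_max_width . ', image_max_size = ' . $image_size . ', image_extensions = "' . $image_exts . '", image_reflections = ' . $image_reflections . ', image_perpage = ' . $image_perpage . ' LIMIT 1');

			#------------------------
			# Redirect
			#------------------------

				max_redirect('index.php?page=admin&act=gallery', 'admin/gallery');
		}
		else
		{
			# Show starting hooks
			$Gallery->hook('start', 1);

			#--------------------------------
			# List albums
			#--------------------------------

				$query = mysql_query('SELECT id, name, description FROM ' . $db_prefix . 'gallery_albums');

				while ($row = mysql_fetch_assoc($query))
				{
					# Alternate the row background between the two greys
					$bgcolor = ($bgcolor == '#E5E6E8') ? '#EBEBEC' : '#E5E6E8';

					# NOTE(review): whether the description is HTML-escaped depends on
					# escape_string() and the template, neither of which is visible here.
					$row['description'] = nl2br($row['description']);
					$Gallery->hook(2);
				}

			$Gallery->hook(3, 'end');
		}

		break;
}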
?>
